Saturday, November 28, 2020

You have entire countries trying to hack you. You must be really really important!

https://www.cpomagazine.com/cyber-security/85-of-cyber-espionage-is-state-affiliated-only-4-tied-to-organized-crime/

85% of Cyber Espionage Is State-Affiliated, Only 4% Tied To Organized Crime

Verizon’s 2020 Cyber Espionage Report, the result of a total of 14 years of research into global data breaches and threat actor activity, has come up with some illuminating observations about long-term patterns of cyber spying. Among the major highlights are that criminal organizations and disgruntled former employees play a trivial role in overall attempts, that the public sector is the preferred target of attackers and that desktops and laptops are far more likely to be breached than phones.

[The report: https://www.verizon.com/business/resources/reports/cyber-espionage-report/





I wonder who signs off on products like these? No one saw this coming?

https://www.pogowasright.org/amazon-faces-a-privacy-backlash-for-its-sidewalk-feature-which-turns-alexa-devices-into-neighborhood-wifi-networks-that-owners-have-to-opt-out-of/

Amazon faces a privacy backlash for its Sidewalk feature, which turns Alexa devices into neighborhood WiFi networks that owners have to opt out of

Kevin Shalvey reports:

Amazon customers are being automatically opted in to Sidewalk, a feature set to launch later this year that the company says will connect Alexa devices to nearby WiFi networks, even those owned by someone else.
[…]
Anticipating privacy concerns, Amazon published a research paper detailing the technology behind Sidewalk and the steps taken to keep users’ data private. The company concluded that privacy was one of the “foundational principals” of Sidewalk’s design.
By sharing a small portion of their home network bandwidth, neighbors give a little – but get a lot in return,” the report’s authors said.

Read more on BusinessInsider.



(Related) I guess Amazon didn’t notice articles like this one.

https://www.wsj.com/articles/next-step-in-government-data-tracking-is-the-internet-of-things-11606478401?mod=djemalertNEWS

Next Step in Government Data Tracking Is the Internet of Things

U. S. government agencies from the military to law enforcement have been buying up mobile-phone data from the private sector to use in gathering intelligence, monitoring adversaries and apprehending criminals.

Now, the U.S. Air Force is experimenting with the next step.

The Air Force Research Laboratory is testing a commercial software platform that taps mobile phones as a window onto usage of hundreds of millions of computers, routers, fitness trackers, modern automobiles and other networked devices, known collectively as the “Internet of Things.”





Year end summaries…

https://venturebeat.com/2020/11/27/ai-weekly-the-state-of-machine-learning-in-2020/

AI Weekly: The state of machine learning in 2020

The AI Index is due out in the coming weeks, as is CB Insights’ assessment of global AI startup activity, but two reports — both called The State of AI — have already been released.

Last week, McKinsey released its global survey on the state of AI, a report now in its third year. Interviews with executives and a survey of business respondents found a potential widening of the gap between businesses that apply AI and those that do not.

A month before McKinsey published its business survey, Air Street Capital released its State of AI report, which is now in its third year. The London-based venture capital firm found the AI industry to be strong when it comes to company funding rounds, but its report calls centralization of AI talent and compute “a huge problem.” Other serious problems Air Street Capital identified include ongoing brain drain from academia to industry and issues with reproducibility of models created by private companies.





Worth a listen?

https://www.prnewswire.com/news-releases/future-talks-powered-by-mvm-neil-degrasse-tyson-leads-a-supergroup-of-experts-on-ai-on-30-november-301181205.html

Future Talks Powered by MVM: Neil deGrasse Tyson Leads a Supergroup of Experts on AI on 30 November

The online talk show is free of charge and accessible for all on the organizer MVM Group's (the largest Hungarian energy company's) Facebook and YouTube channels, as well as the 'Future Talks powered by MVM' website on 30 November, at 12:00 p.m. New York and 9:00 a.m. Los Angeles.

Further information: www.mvmfuturetalks.com

Facebook event: https://www.facebook.com/events/398239114862049/

LinkedIn event: https://www.linkedin.com/events/6732691494861340672/

Promo video of the event: https://www.youtube.com/watch?v=-yWRXuSXWmk&feature=youtu.be





This is cool. Going the other way will be much more difficult.

https://www.newscientist.com/article/2261113-ai-can-turn-spoken-language-into-photorealistic-sign-language-videos/

AI can turn spoken language into photorealistic sign language videos





A freebie for your virtual bookshelf. (Which I recommend you keep on Calibre https://calibre-ebook.com/ )

https://www.makeuseof.com/office-365-all-in-one-dummies-ebook/

Download a FREE Copy of Office 365 All-in-One for Dummies

Whether you're a beginner or an experienced user, this ebook has a lot to offer, from advice and how-tos, to shortcuts, and little-known tips.

Interested? Simply click here to download this free ebook (worth $24) from TradePub. You will have to complete a short form to access the ebook, but it’s well worth it!

Note: This free offer expires on December 2, 2020.





Running out of things to read? From classics to pulp.

https://www.makeuseof.com/little-known-places-to-download-free-ebooks/

6 Little Known Places to Download Unique Free Ebooks



Friday, November 27, 2020

Solid suggestions.

https://www.techrepublic.com/article/7-big-data-goals-for-2021-ai-devops-hybrid-cloud-and-more/

7 big data goals for 2021: AI, DevOps, hybrid cloud, and more

In 2021, corporate big data leaders will be looking to improve data quality and turnaround of big data projects, as well as performance in meeting business objectives. While 2020 hasn't been a normal year for anyone, you still have to plan for the future and get ready for what may come.

Here are seven key areas of focus for 2021.





This should be interesting to watch. Will it catch on with other countries? Will it work?

https://www.cnbc.com/2020/11/26/google-and-facebook-to-be-scrutinized-by-new-uk-unit-from-next-year.html

Google and Facebook to be scrutinized by new U.K. antitrust unit from next year

The Department for Digital, Culture, Media and Sport said it plans to create a Digital Markets Unit (DMU) to enforce “a new code to govern the behavior of platforms that currently dominate the market, such as Google and Facebook.”

The code is designed to ensure that consumers, small businesses, and news publishers aren’t disadvantaged by actions taken by tech giants, the government said.

Under the new code, some of the world’s biggest tech companies may have to be more transparent about the services they provide and how they use consumers’ data. They may also be forced to give consumers a choice over whether to receive personalized advertising, and they won’t be able to place restrictions on customers that make it difficult for them to use rival platforms.

The DMU, which will be part of the Competition and Markets Authority (CMA), will start work in April 2021.

The government said the DMU may be given the unit the power to suspend, block and reverse decisions made by large tech companies. The DMU could also order them to take certain actions to achieve compliance with the code, and impose financial penalties for non-compliance, the government said.





Darker predictions.

https://www.fastcompany.com/90488665/the-coronavirus-butterfly-effect-six-predictions-for-a-new-world-order

The coronavirus butterfly effect: Six predictions for a new world order

The world may soon pass “peak virus.” But true recovery will take years—and the ripple effects will be seismic. Parag Khanna and Karan Khemka forecast the aftershocks.





Perspective.

https://www.nytimes.com/2020/11/27/technology/pushed-by-pandemic-amazon-goes-on-a-hiring-spree-without-equal.html

Pushed by Pandemic, Amazon Goes on a Hiring Spree Without Equal

The company has added 427,300 employees in 10 months, bringing its global work force to more than 1.2 million.





‘cause I needs me some grammar.

https://www.makeuseof.com/best-grammar-punctuation-sites/

The 7 Best Grammar and Punctuation Sites



Thursday, November 26, 2020

I wonder if their lawyers warned them in time to avoid this? Where was the ball dropped?

https://www.bloomberg.com/news/articles/2020-11-25/millions-of-facebook-users-pass-on-650-million-privacy-jackpot

Millions of Facebook Users Pass on $650 Million Privacy Jackpot

Facebook Inc. will be making payouts to only about a quarter of the 6 million Illinois residents eligible for the biggest consumer privacy settlement in U.S. history.

Based on a tally filed in court after Monday’s claims deadline, some 1.57 million people will probably pocket more than $300 each – after about a third of the $650 million settlement fund is set aside for their attorneys and administrative costs – from a lawsuit in which the social network was accused of collecting biometric images from its photo-tagging feature without consent.

As class actions go, with nickel-and-dime payouts often not worth the effort of filing a claim, a case that ends up with a 25% buy-in from consumers is a success story. Frequently, fewer than 10% of eligible people file claims.





A summary for my Computer Security students.

https://www.law.com/thelegalintelligencer/2020/11/25/data-breach-cases-an-analysis-of-standing-and-best-causes-of-action/

Data Breach Cases: An Analysis of Standing and Best Causes of Action

Despite the rules and security measures that many organizations put in place to protect the personal information of their clients or customers, sensitive information may still fall prey to hackers and other kinds of breaches. Those affected may seek counsel to aid in bringing suit to hold an entity liable for its intermediary role when a third party commits a data breach.. While data breaches have become too common, case law and statutory law governing redress for data breaches is limited. This column explores standing and potential causes of action in data breach suits.





At least an occasional (annual?) review by someone who did not do the original setup?

https://www.databreaches.net/fairchild-medical-center-server-was-exposing-patient-information-for-4-5-years-until-a-security-firm-alerted-them/

Fairchild Medical Center server was exposing patient information for 4.5 years until a security firm alerted them

Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure.

Here’s their press release, below.





Could we do this in the US? (Aren’t we doing it already?)

https://thenextweb.com/readme/2020/11/26/how-to-build-a-search-engine-for-criminal-data/

How to build a search engine for criminal data

Whether it’s a WhatsApp message arranging the distribution of cocaine from São Paulo to Amsterdam or other encrypted conversations to lure the enemy into a deadly ambush; criminals have long tried to keep their digital footprints hidden.

The evidence of crime is all stored in the digital archive: emails, photos, and cloud storage data. Law enforcement agencies can use these digital clues to find out where criminals have been, and what they’re currently doing.

Data analysis platforms are becoming increasingly crucial in the fight against crime. We spoke with two forensic software experts from Hansken about how they support law enforcement agencies, like the Dutch National Police and the Dutch Fiscal Information and Investigation Service.





An interesting ‘what,’ but the question is ‘who?’ Can an internal review be trusted?

https://www.mclane.com/assets/docs/Weaver_-_Assessment_of_Artificial_Intelligence_Systems.pdf

Everything Is Not Terminator

Many information security and privacy laws such as the California Consumer Privacy Act1 and the New York Stop Hacks and Improve Electronic Data Security Act2 require periodic assessments of an organization’s information management systems. Because many organizations collect, use, and store personal information from individuals—much of which could be used to embarrass or impersonate those individuals if inappropriately accessed—these laws require organizations to regularly test and improve the security they use to protect that information.

As of yet, there is no similar specific law in the United States directed at artificial intelligence systems (“AIS”), requiring the organizations that rely on AIS to test its accuracy, fairness, bias, discrimination, privacy, and security.

However, existing law is broad enough to impose on many organizations a general obligation to assess their AIS, and legislation has appeared requiring certain entities to conduct impact assessments on their AIS. Even without a regulatory mandate, many organizations should perform AIS assessments as a best practice.

This column summarizes current and pending legal requirements before providing more details about the assessment process.





High probability, even with Presidential distractions?

https://www.insideprivacy.com/internet-of-things/iot-update-congress-passes-iot-cybersecurity-improvement-act-of-2020/

IoT Update: Congress Passes IoT Cybersecurity Improvement Act of 2020

The bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 (S. 734, H.R. 1668 ) has passed the House and the Senate and is headed to the President’s desk for signature. The bill was sponsored in the House by Representatives Hurd (R-TX) and Kelly (D-IL), and in the Senate by Senators Warner (D-VA) and Gardner (R-CO). President Trump is expected to sign the measure into law.





Perspective. Brick and mortar stores don’t own all the brick an mortar. Apparently you need a lot of room to store all that virtual…

https://www.wsj.com/articles/stock-market-titans-amazon-google-and-facebook-are-also-driving-commercial-real-estate-11606213801?mod=djemalertNEWS

Stock-Market Titans Amazon, Google and Facebook Are Also Driving Commercial Real Estate

The biggest U.S. tech companies are providing a jolt to the slumbering commercial real-estate business, emerging as major tenants and acquirers of office and other space while many nontech firms are trying to tear up their leases.

Five of the biggest property owners in the tech industry— Amazon.com Inc., Facebook Inc., Apple Inc., Google parent Alphabet Inc. and Microsoft Corp. —together occupy around 589 million square feet of U.S. real estate, according to CoStar Group. That is more than all of the office space in New York City, or the equivalent to about 220 Empire State Buildings. It marks a fivefold increase from a decade ago.



Wednesday, November 25, 2020

Keep your smart devices in the dark? If these microphones are sensitive enough to pick up the vibrations caused by a beam of light, what else can they detect?

https://threatpost.com/light-based-attacks-digital-home/161583/

Light-Based Attacks Expand in the Digital Home

Imagine someone hacking into an Amazon Alexa device using a laser beam and then doing some online shopping using that person account. This is a scenario presented by a group of researchers who are exploring why digital home assistants and other sensing systems that use sound commands to perform functions can be hacked by light.

The same team that last year mounted a signal-injection attack against a range of smart speakers merely by using a laser pointer are still unraveling the mystery of why the microelectro-mechanical systems (MEMS) microphones in the products turn the light signals into sound.

Researchers at the time said that they were able to launch inaudible commands by shining lasers – from as far as 110 meters, or 360 feet – at the microphones on various popular voice assistants, including Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant.





A summary for my Computer Security students.

https://www.cpomagazine.com/data-protection/how-privacy-professionals-can-comply-with-cookie-consent/

How Privacy Professionals Can Comply with Cookie Consent?

According to Article 5(3) of the ePrivacy Directive, organizations must obtain prior informed consent from the consumer before storage or access to information stored via a user’s terminal equipment. Take for example, cookies dropped on websites. Organizations must ask users if they agree to accept these cookies or web beacons before they are placed. The ePrivacy Directive exempts “strictly necessary” which are used solely for carrying out communication transmission.

Privacy professionals need to make sure that their cookie notice includes the following in order to stay compliant with privacy regulations:

  • Explain the purpose of the installation of cookies that the site uses, briefly

  • State action which will signify consent

  • Be sufficiently conspicuous

  • Notify consumers on cookie purpose, usage, and related third-party activity.





Gosh, you think?

https://www.databreaches.net/amazons-pharmacy-venture-opens-new-privacy-security-law-risks/

Amazon’s Pharmacy Venture Opens New Privacy, Security Law Risks

Jacquie Lee and Jake Holland report:

Amazon’s push into delivering prescription drugs puts it in the crosshairs of everyone from state attorneys general to data thieves—who will all be scrutinizing how the e-commerce giant protects sensitive patient information.
Amazon’s new online pharmacy business will sell brand and generic prescription medications that consumers can buy through their insurance or through their Amazon Prime accounts for a discount.

Read more on Bloomberg Law.





A quiet but continuous trend.

https://www.ft.com/content/2cfe3d07-7e69-4f57-b634-8b6002f967cb

France demands digital tax payments from US tech groups

French tax authorities have begun demanding millions of euros from US technology groups as they push ahead with a new digital services tax that has enraged Washington.

Facebook and Amazon are among the companies to have received communication from French authorities in recent days demanding payment of the tax for 2020, according to French officials, company executives and advisers.

The collection of the tax, which Washington has said is an example of an unfair trade practice because it largely affects US companies, threatens to reignite the transatlantic trade tensions and trigger new tariffs on Europe weeks ahead of the inauguration of Joe Biden.

The US trade representative’s office is now expected to put tariffs of 25 per cent on $1.3bn worth of French handbags and make-up, having at first threatened to hit champagne and cheeses with import tariffs of 100 per cent.

Several governments have either already introduced or plan to introduce their own digital services tax. They argue that tech companies pay too little tax on the profits they make in many countries, partly because they record them in low-tax jurisdictions such as Ireland.





My New Year resolution: make more videos.

https://www.freetech4teachers.com/2020/11/an-easy-way-to-make-videos-on-windows.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+freetech4teachers/cGEY+(Free+Technology+for+Teachers)

An Easy Way to Make Videos on Windows 10 Computers

Microsoft Photos includes a video creation tool for making short audio slideshow-style videos. You'll find this by just opening the native photos app in Windows 10. Within the editor there are tools for adding animated effects to still images, insert your existing video clips into a video project, and tools for adding audio to your video. There's also a great option to search for Creative Commons licensed images and insert them directly into your video project. The best part of that feature is that attribution information is automatically added onto the images you choose through the built-in search tool.

In the following video I provide a demonstration of how to create a video in Microsoft Photos in Windows 10.





I know some people in these categories…

https://www.bespacific.com/the-new-york-times-is-available-to-high-school-students-and-teachers-across-the-united-states-free/

The New York Times is available to high school students and teachers across the United States — free

Free digital access continues through September 1, 2021.



Tuesday, November 24, 2020

Ransomware can be nasty. Victims underestimate the volume of work required.

https://www.databreaches.net/a-month-after-cyberattack-uvm-medical-center-restores-access-to-electronic-records/

A month after cyberattack, UVM Medical Center restores access to electronic records

Kate Jickling reports:

The University of Medical Center’s electronic medical records system is up and running nearly a month after the hospital fell victim to a cyberattack.
Over the weekend, the hospital tech team restored Epic health records system, giving doctors and nurses full access to patient medical history, appointments, and medications, said Al Gobeille, a vice president of operations for the UVM Health Network on Monday.

Read more on VTDigger.

[From the article:

Operations won’t fully return to normal for weeks, but the reboot marks the most significant step toward restoring normalcy after the cyberattack disrupted patient care and delayed appointments. On Oct. 28, the hospital IT staff noticed abnormal activity, and shut down its online operations. The hack downed hospital phone and email networks, eliminated access to patient records and appointments, and halted access for the hospital to pay employees overtime.

A National Guard unit came in to help and the Medical Center’s IT team worked to restore nearly 5,000 computers. Nurses and doctors made a rocky transition to paper records.

Even now, many of the 500 applications that connect to Epic, such as the MyChart patient portal, and radiology and chemotherapy systems, are not yet live, said Gobeille. It will continue to be an “evolutionary process” over several weeks to get back to normal, he said.





How could you use it?

https://www.bespacific.com/the-artificial-intelligence-incident-database/

The Artificial Intelligence Incident Database

Via Mary Whisner:





Perspective. AI (and space?) must be expensive.

https://foreignpolicy.com/2020/11/23/britain-announces-biggest-defense-spending-increase-since-cold-war-boris-johnson-artificial-intelligence-space-force/

U.K. Announces Biggest Defense Spending Increase Since the Cold War

The increased budget would make Britain the largest defense spender in Europe and second only to the United States among NATO members, Johnson’s government said. The funds will be used to establish a new artificial intelligence center, to create a Royal Air Force Space Command, and to “restore Britain’s position as the foremost naval power in Europe.”





Something for the teacher/student toolkit.

https://www.makeuseof.com/highlighter-apps-to-annotate-online-text-videos-or-podcasts/

5 Highlighter Apps to Annotate Online Text, Videos, or Podcasts

Data comes in all forms these days. When you're conducting research, you'll need to read online articles, pick up physical books, watch videos on the internet, and even listen to podcasts. You need to highlight and annotate these different sources and remember why you bookmarked something. That's where these free tools will come in handy.





For my favorite niece.

https://www.makeuseof.com/tag/top-6-sites-to-find-and-print-free-sheet-music-nb/

The Top 7 Sites to Find and Print Free Sheet Music



Monday, November 23, 2020

Monday’s are dull, news-wise.





Perspective. Counter-intuitive.

https://thenextweb.com/shift/2020/11/23/canadian-transit-agency-reduces-costs-and-wait-times-with-on-demand-services-syndication/

On-demand public transport sounds like a luxury — but it can actually save cities money

Think going on-demand will drain your budgets? Think again. Evidence shows that when on-demand networks are implemented in a smart way, communities can actually save money compared to their previous fixed-route services, unlocking broader benefits that pay back the initial investment many times over.

Providing high-quality services at the minimum possible cost to the taxpayer is generally the name of the game for any public transportation agency. However, when talking about microtransit, opponents often get tied up in measuring the return on investment (ROI) simply in terms of farebox recovery ratios rather than the overall efficiency of the service (and resulting cost savings).





So I can automate my research.

https://thenextweb.com/syndication/2020/11/23/a-beginners-guide-to-web-scraping-with-python-and-scrapy/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheNextWeb+%28The+Next+Web+All+Stories%29

A beginner’s guide to web scraping with Python and Scrapy

… This tutorial will be an ultimate guide for you to learn web scraping using Python programming language. At first, I’ll walk you through some basic examples to make you familiar with web scraping. Later on, we’ll use that knowledge to extract data of football matches from Livescore.cz .



Sunday, November 22, 2020

A hundred years ago it was bumps on the head… (Phrenology)

https://www.semanticscholar.org/paper/The-Criminality-From-Face-Illusion-Bowyer-King/41f3d08beac952b10bfd2d87012b337cd1a59daa

The Criminality From Face Illusion

The automatic analysis of face images can generate predictions about a person's gender, age, race, facial expression, body mass index, and various other indices and conditions. A few recent publications have claimed success in analyzing an image of a person's face in order to predict the person's status as Criminal / Non-Criminal. Predicting criminality from face may initially seem similar to other facial analytics, but we argue that attempts to create a criminality-from-face algorithm are necessarily doomed to fail, that apparently promising experimental results in recent publications are an illusion resulting from inadequate experimental design, and that there is potentially a large social cost to belief in the criminality from face illusion.





That AI done me wrong!”

http://www.ejobios.org/download/liability-of-artificial-intelligence-as-a-subject-of-legal-relations-8271.pdf

Liability of artificial intelligence as a subject of legal relations

This article is concerned with a burning issue, namely, liability for offenses committed with the use of artificial intelligence and methods of compensating the damage caused by such illegal actions. The study aims at analyzing several legal acts that regulate the possible application of A.I., reveal problems in this field and suggest possible solutions.

The authors of the article use theoretical and general philosophical methods of cognition, as well as traditional legal methods. The main method is analogy that highlights the need to eliminate gaps in the current Russian legislation. Based on the concepts of A.I. formed by scholars from different countries and using the method of comparative analysis, the authors attempt to consider offenses committed with the use of A.I. in the territory of Russia.

To determine A.I. as a subject of legal relations, different scholars developed original concepts. The authors of the article have studied some hypotheses regarding the development of technologies that increase the interaction between people and computers and its possible danger since it might blur the borders between A.I. and its operators.

The study results can be useful for the theory of civil and administrative law in determining the person responsible for the harm caused by A.I. and for the application of liability rules in relation to a new road user. Such conclusions might be of interest to the legislator to fill in the gaps in the legal regulation of compensation for the harm caused by A.I.

The authors are the first to draw a certain parallel between the sources of administrative and civil law regarding legal liability for the commission of an offense and compensation for the damage caused by A.I. In addition, they have analyzed the current legislation of the Russian Federation governing liability for the violation of traffic rules.





Toward an AI judge?

https://www.semanticscholar.org/paper/AI-lead-Court-Debate-Case-Investigation-Ji-Zhu/cbbb56a8f9e883d5e3c0457d60bf7dcd248ae083

AI-lead Court Debate Case Investigation

The multi-role judicial debate composed of the plaintiff, defendant, and judge is an important part of the judicial trial. Different from other types of dialogue, questions are raised by the judge, The plaintiff, plaintiff's agent defendant, and defendant's agent would be to debating so that the trial can proceed in an orderly manner. Question generation is an important task in Natural Language Generation. In the judicial trial, it can help the judge raise efficient questions so that the judge has a clearer understanding of the case. In this work, we propose an innovative end-to-end question generation model-Trial Brain Model (TBM) to build a Trial Brain, it can generate the questions the judge wants to ask through the historical dialogue between the plaintiff and the defendant. Unlike prior efforts in natural language generation, our model can learn the judge's questioning intention through predefined knowledge. We do experiments on real-world datasets, the experimental results show that our model can provide a more accurate question in the multi-role court debate scene.





If this is difficult, think how much worse AI will be.

https://www.semanticscholar.org/paper/Software-must-be-recognised-as-an-important-output-Jay-Haines/fc6b3ea38c8d272d1e99ac25f58970897b242a94

Software must be recognised as an important output of scholarly research

Software now lies at the heart of scholarly research. Here we argue that as well as being important from a methodological perspective, software should, in many instances, be recognised as an output of research, equivalent to an academic paper. The article discusses the different roles that software may play in research and highlights the relationship between software and research sustainability and reproducibility. It describes the challenges associated with the processes of citing and reviewing software, which differ from those used for papers. We conclude that whilst software outputs do not necessarily fit comfortably within the current publication model, there is a great deal of positive work underway that is likely to make an impact in addressing this.